48 lines
1.1 KiB
HCL
48 lines
1.1 KiB
HCL
terraform {
|
|
required_providers {
|
|
minio = {
|
|
source = "aminueza/minio"
|
|
version = "~> 2.5.0"
|
|
}
|
|
}
|
|
}
|
|
|
|
provider "minio" {
|
|
minio_server = "localhost:9123"
|
|
minio_region = "eu-central-1"
|
|
minio_user = data.vault_kv_secret_v2.minio_creds.data["access_key"]
|
|
minio_password = data.vault_kv_secret_v2.minio_creds.data["secret_key"]
|
|
}
|
|
|
|
resource "minio_s3_bucket" "platform" {
|
|
depends_on = [data.vault_kv_secret_v2.minio_creds]
|
|
bucket = "platform"
|
|
acl = "private"
|
|
}
|
|
|
|
resource "minio_iam_user" "platform" {
|
|
depends_on = [data.vault_kv_secret_v2.minio_creds]
|
|
name = "platform"
|
|
}
|
|
|
|
resource "minio_iam_policy" "platform" {
|
|
depends_on = [minio_s3_bucket.platform]
|
|
name = "platform-policy"
|
|
policy = jsonencode({
|
|
Version = "2012-10-17"
|
|
Statement = [
|
|
{
|
|
Effect = "Allow"
|
|
Action = ["s3:GetObject", "s3:PutObject"]
|
|
Resource = ["arn:aws:s3:::platform/*"]
|
|
}
|
|
]
|
|
})
|
|
}
|
|
|
|
resource "minio_iam_user_policy_attachment" "policy_attachment" {
|
|
depends_on = [minio_iam_user.platform, minio_iam_policy.platform]
|
|
user_name = minio_iam_user.platform.name
|
|
policy_name = minio_iam_policy.platform.name
|
|
}
|